From 8250f273ed716e347b7f7bdfe2fcedcede934604 Mon Sep 17 00:00:00 2001
From: Jeffrey Yasskin <jyasskin@google.com>
Date: Wed, 3 Jul 2024 16:29:50 +0000
Subject: [PATCH] Link to DTI's data portability threat model.

---
 index.html | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/index.html b/index.html
index 856912b..8db47cc 100644
--- a/index.html
+++ b/index.html
@@ -355,6 +355,12 @@
           publisher: 'The Conversationalist',
           rawDate: '2019-09-13',
         },
+        'Portability-Threat-Model': {
+          title: 'User Data Portability Threat Model',
+          authors: ['Lisa Dusseault'],
+          href: 'https://dtinit.org/assets/ThreatModel.pdf',
+          publisher: 'Data Transfer Initiative',
+        },
         'Privacy-Behavior': {
           title: 'Privacy and Human Behavior in the Age of Information',
           authors: ['Alessandro Acquisti', 'Laura Brandimarte', 'George Loewenstein'],
@@ -1556,6 +1562,7 @@
 
 Portability is needed to support a [=person=]'s ability to make choices about services with
 different data practices. Standards for interoperability are essential for effective re-use.
+Porting user data involves security and privacy risks described in [[Portability-Threat-Model]].
 
 * The <dfn data-export="">right to correct</dfn> [=data=] about oneself, to ensure that one's
 [=identity=] is properly reflected in a system.